More information has been coming out about the Flashback trojan that has been infecting computers running Mac OSX. This story has been getting so much coverage because it will likely be remembered in history as the specific event that showed that Macs really aren't as secure as people once thought.
In my in-class presentation on Thursday, April 19th, I mentioned that Flashback was thought to have spread through malicious WordPress sites. This theory has now been confirmed. These WordPress sites would secretly redirect the visitor to a server that would determine the OS that the user was running and serve up an appropriate security exploit. This particular piece of software was not only used to spread the Flashback trojan, but to spread other malware as well.
While Apple did respond to this security flaw, they have received some criticism for their delayed response. They issued updates for the two most recent versions of Mac OSX, which did bring about the largest reported drop in the amount of computers infected by Flashback. However, this update was only released last weekend, while Flashback itself was reported as early as September 2011.
No comments:
Post a Comment